Computational Logic and the Quest for Greater Automation

Similar documents
LCF + Logical Frameworks = Isabelle (25 Years Later)

Automated Reasoning Lecture 2: Propositional Logic and Natural Deduction

Computer-Checked Meta-Logic

Lecture 14 Rosser s Theorem, the length of proofs, Robinson s Arithmetic, and Church s theorem. Michael Beeson

NICTA Advanced Course. Theorem Proving Principles, Techniques, Applications. Gerwin Klein Formal Methods

Motivation. CS389L: Automated Logical Reasoning. Lecture 10: Overview of First-Order Theories. Signature and Axioms of First-Order Theory

Proving Security Protocols Correct. Lawrence C. Paulson Computer Laboratory

SAT-Solvers: propositional logic in action

Examples: P: it is not the case that P. P Q: P or Q P Q: P implies Q (if P then Q) Typical formula:

- Introduction to propositional, predicate and higher order logics

Formal Verification of Mathematical Algorithms

Logic. Propositional Logic: Syntax. Wffs

Agent-Based HOL Reasoning 1

Formal Verification. Lecture 1: Introduction to Model Checking and Temporal Logic¹

8 Elliptic Curve Cryptography

Computer Science and Logic A Match Made in Heaven

AI Programming CS S-09 Knowledge Representation

Automated and Human Proofs in General Mathematics: An Initial Comparison

Supplementary Notes on Inductive Definitions

1 Propositional Logic

Lecture Notes on Invariants for Arbitrary Loops

02 Propositional Logic

Introduction. Pedro Cabalar. Department of Computer Science University of Corunna, SPAIN 2013/2014

Knights, Knaves, and Logical Reasoning Mechanising the Laws of Thought

Semantics and Pragmatics of NLP

Propositional Logic: Syntax

Lecture Notes on Inductive Definitions

Logical Agents. Outline

Direct Proof MAT231. Fall Transition to Higher Mathematics. MAT231 (Transition to Higher Math) Direct Proof Fall / 24

NP-Completeness Review

Interactive Theorem Proving in Industry

Evidential Paradigm and Intelligent Mathematical Text Processing

Lectures on Computational Type Theory

Topics in Complexity

Inf2D 06: Logical Agents: Knowledge Bases and the Wumpus World

Program verification using Hoare Logic¹

First-Order Theorem Proving and Vampire. Laura Kovács (Chalmers University of Technology) Andrei Voronkov (The University of Manchester)

... The Sequel. a.k.a. Gödel's Girdle

Proof Techniques (Review of Math 271)

Logical Agents. Knowledge based agents. Knowledge based agents. Knowledge based agents. The Wumpus World. Knowledge Bases 10/20/14

COEN6551: Formal Hardware Verification

Abstractions and Decision Procedures for Effective Software Model Checking

Chapter 2. Mathematical Reasoning. 2.1 Mathematical Models

Intel s Successes with Formal Methods

Assignment 3 Logic and Reasoning KEY

Write your own Theorem Prover

A Brief Introduction to Proofs

Decision Theory and the Logic of Provability

Lecture 4: Proposition, Connectives and Truth Tables

Lecture 11: Measuring the Complexity of Proofs

Lecture Notes on Inductive Definitions

CSE 105 Theory of Computation

Lecture Notes on Compositional Reasoning

Intro to Theory of Computation

Lecture 5. 1 Review (Pairwise Independence and Derandomization)

Logic: The Big Picture

6. Logical Inference

Lecture 22: Quantum computational complexity

Lecture Notes 4. Issued 8 March 2018

εx 2 + x 1 = 0. (2) Suppose we try a regular perturbation expansion on it. Setting ε = 0 gives x 1 = 0,

Logic. Propositional Logic: Syntax

Outline. Overview. Syntax Semantics. Introduction Hilbert Calculus Natural Deduction. 1 Introduction. 2 Language: Syntax and Semantics

CSE507. Introduction. Computer-Aided Reasoning for Software. Emina Torlak courses.cs.washington.edu/courses/cse507/17wi/

Scalable and Accurate Verification of Data Flow Systems. Cesare Tinelli The University of Iowa

Math 414, Fall 2016, Test I

The State Explosion Problem

Class 23: Gödel s Theorem

Inference in first-order logic. Production systems.

Last Time. Inference Rules

Lecture 19: Interactive Proofs and the PCP Theorem

LOGIC PROPOSITIONAL REASONING

The P versus NP Problem. Ker-I Ko. Stony Brook, New York

Thanks to: University of Illinois at Chicago NSF DMS Alfred P. Sloan Foundation

Knowledge base (KB) = set of sentences in a formal language Declarative approach to building an agent (or other system):

CSE507. Course Introduction. Computer-Aided Reasoning for Software. Emina Torlak

Chapter Finding parse trees

Mathematics-I Prof. S.K. Ray Department of Mathematics and Statistics Indian Institute of Technology, Kanpur. Lecture 1 Real Numbers

Agenda. Artificial Intelligence. Reasoning in the Wumpus World. The Wumpus World

Church s undecidability result

Ivy: Safety Verification by Interactive Generalization

1 Recap: Interactive Proofs

Intermediate Logic. Natural Deduction for TFL

Topic 1: Propositional logic

Unit 1. Propositional Logic Reading do all quick-checks Propositional Logic: Ch. 2.intro, 2.2, 2.3, 2.4. Review 2.9

Proseminar on Semantic Theory Fall 2013 Ling 720 Proving the Soundness and Completeness of Propositional Logic: Some Highlights 1

A Conundrum concerning the area of a sphere

Bootstrapping Mathematics

Hoare Logic I. Introduction to Deductive Program Verification. Simple Imperative Programming Language. Hoare Logic. Meaning of Hoare Triples

Notes for Lecture 21

COMP219: Artificial Intelligence. Lecture 19: Logic for KR

utomated Reasoning 2 What is automated reasoning? In one sense we'll interpret our title narrowly: we are interested in reasoning in logic and mathema

Hoare Examples & Proof Theory. COS 441 Slides 11

Proofs Propositions and Calculuses

The Curry-Howard Isomorphism

Why is the Universe Described in Mathematics? This essay attempts to address the questions, "Why is the Universe described in

Hoare Logic: Reasoning About Imperative Programs

Reasoning. Inference. Knowledge Representation 4/6/2018. User

2. Introduction to commutative rings (continued)

What can you prove by induction?

MI 4 Mathematical Induction Name. Mathematical Induction

Transcription:

Computational Logic and the Quest for Greater Automation Lawrence C Paulson, Distinguished Affiliated Professor for Logic in Informatics Technische Universität München (and Computer Laboratory, University of Cambridge)

Themes of This Lecture I. Logic and the Real World II.Computers, Logic and Mathematical Proofs III. Achievements IV. The Quest for Greater Automation

I. Logic and the Real World

The Two Forms of Logical Reasoning Inductive logic draws general conclusions from observations It is the basis of science, and it concerns the real world Deductive logic draws specific conclusions by pure reasoning from axioms It is the basis of mathematics... but it never gives an absolute YES or NO.... and is 100% certain, except for human error.

Chickens Can Reason Inductively! The man is our friend!...or is he?

Can People Reason Deductively? A Sudoku has just one solution. An answer is right or wrong the rules are simple and clear. Chickens can t solve this, and neither can most people. However, as a logic problem, it s trivial!

What Can Deduction Say About the Real World? Self-assembly furniture is like a Sudoku: millions of combinations, but only one solution. Chickens can t solve them, and neither can most people. Deduction can help solve realworld problems, if we can find the right mathematical model.

What is the Right Type of Model? Too simple: deductions about this say nothing about how to build the real bookshelf. Too complicated: do we really need to understand the fine structure of the wood? A good model will identify the problem s important features.

II. Computers, Logic and Mathematical Proofs

Myth: Computers Can t Do Logic Reason 1: Gödel proved it was impossible. He didn t. Reason 2: Church did prove it was impossible. (No computer can answer all problems in first-order logic.) Computers can still help in many cases. Reason 3: Whitehead and Russell needed 362 pages to prove 1+1=2! There are other ways of formalizing mathematics or, would you fly in a 100-year-old aeroplane?

A Formal Proof of 1+1=2 (Back in 1910)

What s In a Formal Logic? Syntax: a grammar for logical statements Semantics: a definition of what each grammar element means Proof theory: mechanisms for transforming problems into simpler problems (typically consisting of axioms and inference rules)! Computers handle the syntax and proof theory. The semantics is for us.

A Simple Formal Logic: Boolean Satisfiability A problem is a list of OR-statements. Can they all be true at the same time? rainy cloudy sunny sunny hot!!! if sunny, then hot rainy wet!!! if rainy, then wet hot wet We conclude that it must be cloudy. A SAT-solver can handle problems 100,000 times this size. Is this logic trivial? No, it has endless applications, such as finding bugs in Microsoft device drivers or solving Sudokus!

The Classic Formalism: First-Order Logic (FOL) for all X, Y and Z, if father(x,y) and father(y,z) then grandfather(x,z) X Y Z. father(x,y) & father(y,z) grandfather(x,z) for all X, there exists y such that father(x,y) X. Y. father(x,y) Much of mathematics can be expressed in FOL. Powerful automatic provers exist. (Unlike SAT-solvers, they are hardly used.)

Limitations of Automatic Proof Tools If automatic software is so powerful, why do we need anything else? Because it restricts us to small problems and simple models. With richer formalisms, we could model almost anything: computer processors networked systems security environments advanced mathematics L 0 = 0 L α+1 = D(L α ) L α = ξ<α L = α ON L ξ L α

Interactive Theorem Proving Formal logics with deeper concepts: functions, sets, induction, recursion. Hierarchies of mathematical books (or theories ): Each book defines some concept, such as cryptography. Books can build on other books, so developments can be huge. Users prove the theorems: The software knows what proof steps are legal at a given point. It helps by doing basic steps automatically. We are constantly adding to this automation.

Isabelle: A Generic Interactive Prover! Isabelle Generic means the user can introduce new logical formalisms, in addition to the standard ones. The syntax and axioms can simply be listed. A general mechanism, called higher-order unification, combines separate proof steps. Over the years, researchers at TUM have given Isabelle... an elaborate formalization of higher-order logic; a structured language, Isar, for writing proofs in traditional style; automatic typesetting of mathematical proofs.

III. Achievements

Verified Computer Systems computer proof human judgement Goal: to increase reliability through a mathematical proof of correctness Results are only as accurate as the formal model. Traditional testing guards against errors in the model.

How to Verify a Computer System Define what it means for a computation to be OK. Safety means nothing has gone wrong (so far). Progress issues does it do anything? are reduced to safety properties. Show all initial states to be OK. Show that all possible actions yield an OK state if they start in one. The model needs to include enough detail about states and possible state changes.

Verification Example: Security Protocols!"#$%&'()#(*"('+ Whom are you talking to really? $&#,%-.,(# $-/!"+(#!"#$%&'$(# )/)1)"1(+ #(2.(+1 101+1&+() #(*"('+ 101+1&+( #('!-0'( /(#$%&0+ $-/!"+(# 0(#!%"/1 +(/$+!(#1)4)!"1(5+6 Can a spy on the Internet trick your bank into revealing your details?!"#$%&'$(# #(!()*(+, #(+-&/+( "/$ +(/$+ #(2.(+1!"#$%&'$(# #(!()*(+, -.#!%"+( #(+-&/+(!"#$%&'( #(*"('+!"#$%&'( #('!-0'( 0(#!%"/1 -#&!(++(+ #(2.(+1 0(++"3( These message exchanges use encryption to keep data secret while authenticating the remote computer In Isabelle, realistic models of protocols can be formalized. Industrial protocols such as SET (Secure Electronic Transaction) can be proved correct.

Verified Mathematics Mathematical techniques are of unlimited variety and sophistication. Verifying known mathematics helps us improve our tools. Algebra requires a flexible treatment of abstractions. Formalization finds exceptional cases and can yield historical insights. Known proofs of the Four Colour Theorem and of the Kepler Conjecture are too complicated for manual methods. Real analysis requires special solvers for inequalities.

Isabelle Milestones in Verified Mathematics Equivalents of the Axiom of Choice: Gr!bczewski (1996) verified two chapters of this famous book by Rubin and Rubin. The relative consistency of the axiom of choice: was Gödel right to claim that his proof did not require meta-mathematical reasoning? Newton's Principia: Fleuriot (1998) combined geometry with nonstandard analysis to formalize Newton s logic and check some proofs. The prime number theorem: Avigad (2004) formalized this landmark of number theory. Tame graphs: Nipkow and colleagues (2006) are contributing to the effort to prove the Kepler Conjecture formally.

Verifying Newton s Principia Newton s great book on motion and gravity did not use the calculus. In this proof of the inverse-square law, he merely asks what happens when the points P and Q coincide. Fleuriot formalized Newton s infinitesimal geometry using nonstandard analysis. He found an error in this proof, but found an alternative way to the result. Proposition XI: a body in elliptical orbit

IV. The Quest for Greater Automation

Interactive Proof: What s the Catch? Proving theorems interactively is like building one of these. Even obvious facts can be difficult to prove. Legal proof steps are tiny, so the proofs are long. The work can be tiresome and frustrating... and only experts can do it.

Greater Automation: What s Been Done? Most proof tools can use equations like this one to simplify formulas. x = 0 = x x = 1 Isabelle can also use implications like these to search for proofs, using forward and backward chaining... thanks to which it can prove complicated things automatically. Still we need more automation!

Idea 1: Combine Isabelle with Automatic Provers The best automatic provers E, SPASS, Vampire do much more than chaining. To use them requires encoding Isabelle s rich formalism into the spartan language of first-order logic. They can beat Isabelle s built-in provers, but not always: they will require tuning before they become effective on problems generated by Isabelle. Parallelism can be exploited: we can call multiple provers, take the best result and record it permanently.

Idea 2: Proving Inequalities We often need to prove formulas involving functions like sin, cos, exp, log. There is no general solution procedure... but often the function is bounded above or below by a polynomial (at least in a finite range). Inequalities involving polynomials can be solved using a procedure for real closed fields.

Idea 3: Telling the User When to Give Up Often our problem has no solution: the chip design isn t correct, or we have expressed it wrongly, or forgot to mention essential facts. People at TUM have built tools for warning Isabelle users of this situation. One way to do this is simply by testing the problem on a few values. (More complicated than it sounds!) Trying to solve impossible problems is a terrible waste of time!

The Future? Proof technologies of all sorts have developed rapidly. In the past, we have benefitted from faster processors,... and now we are ready to exploit the new multi-core computers. Large-scale trials are under way, such as the VeriSoft project,... with other applications in the U. S. and Australia,... and research projects in many countries.

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback